Firewall
1.开启防火墙:
systemctl start firewalld
2.关闭防火墙:
systemctl stop firewalld
3.查看防火墙状态:
systemctl status firewalld
4.设置开机启动:
systemctl enable firewalld
5.禁用开机启动:
systemctl disable firewalld
6.重启防火墙:
firewall-cmd --reload
7.开放端口(修改后需要重启防火墙方可生效):
firewall-cmd --zone=public --add-port=8080/tcp --permanent
8.查看开放的端口:
firewall-cmd --list-ports
9.关闭端口:
firewall-cmd --zone=public --remove-port=8080/tcp --permanent
Iptables
由于CenterOS7.0以上版本并没有预装Iptables,我们需要自行装。安装前先关闭firewall防火墙
1.安装iptables:
yum install iptables
2.安装iptables-services:
yum install iptables-services
3.开启防火墙:
systemctl start iptables.service
4.关闭防火墙:
systemctl stop iptables.service
5.查看防火墙状态:
systemctl status iptables.service
6.设置开机启动:
systemctl enable iptables.service
7.禁用开机启动:
systemctl disable iptables.service
8.查看filter表的几条链规则(INPUT链可以看出开放了哪些端口):
iptables -L -n
9.查看NAT表的链规则:
iptables -t nat -L -n
10.清除防火墙所有规则:
iptables -F
iptables -X
iptables -Z
11.给INPUT链添加规则(开放8080端口):
iptables -I INPUT -p tcp --dport 8080 -j ACCEPT
12.查找规则所在行号:
iptables -L INPUT --line-numbers -n
13.根据行号删除过滤规则(关闭8080端口):
iptables -D INPUT 1